| CVE | CVE-2024-4255 |
| CVE Title | |
| Published Date | 2024-04-27T15:15Z |
| Modified Date | 2024-04-29T12:42Z |
| Description | A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262145 was assigned to this vulnerability. |
| References | |
| By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites. | |
| Reference URL | https://vuldb.com/?id.262145 |
| Reference Description | VDB-262145 | Ruijie RG-UAC gre_edit_commit.php os command injection |
| Reference URL | https://vuldb.com/?ctiid.262145 |
| Reference Description | VDB-262145 | CTI Indicators (IOB, IOC, TTP, IOA) |
| Reference URL | https://vuldb.com/?submit.319820 |
| Reference Description | Submit #319820 | Ruijie Ruijie RG-UAC Unified Internet Behavior Management Audit System Ruijie RG-UAC Unified Internet Behavior Management Audit System OS Command Injection |
| Reference URL | https://github.com/h0e4a0r1t/g-hdkyyf7L-Z8-5v/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_edit_commit.php.pdf |
| Reference Description | https://github.com/h0e4a0r1t/g-hdkyyf7L-Z8-5v/blob/main/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-gre_edit_commit.php.pdf |
| Sources | NIST MITRE |
Note
- No CVSS data for this CVE